I'm writing a .NET desktop application that is used to send orders to a server via a REST API. To avoid leaking of our authentication token I have made it so that, when used for the first time, the ...

I have never used web-sockets but I am working in a PHP framework which has builtin broadcasting facility. This broadcasting use web-sockets technologies named Redis and Pusher.
The workflow of this ...

I have a web app I'm hoping to write where a selection of files are zipped and encrypted in the browser before being uploaded to my server. I have a prototype of the system and it's working great. I ...

To employ end-to-end encryption, I am using a small tool that encrypts contents that is then posted and stored on our servers. While there are several concerns on client based encryption, I think it ...

I am currently working on a service which lets users store client-side encrypted data and access it anywhere. The client connects through a browser and the webapp is written in JavaScript. To easier ...

I am using Tresorit on Mac OS X and iPhone.
When I am using it there is always applied client-side encryption before posting the file to cloud. The key used for encryption is AES-256 and CFB mode of ...

I want to build a client that connects to my server and uses server API. You can consider this as a banking application because data security is the most important thing. Since the users or hackers ...

So my problem, in its general form, is encrypting test questions such that a client-side testing application can access the questions while students cannot. The naive approach, in my opinion, is to ...

can somebody explain to me if for example i use Server certificate, with 2048bit keys and client certificate with only 512bit strength, does this use in any way affect the security of the established ...

I have a Java applet, which records the whole screen of the user and uploads the images to the server.
If one would be able to (and many people could, I know) falsify the screen recording they could ...

I have been using RSA SecureID ® Keys for quite some time now (perhaps 10 years), for things such as securely my home banking account online or accessing my company's network of computers from home. ...

I have a little trouble understanding, how to use OAuth to secure an API. So I developed a RESTful service, which I would like to secure to authenticated access. I first opted for HTTP Basic + TLS, ...

I'm designing a web application that is going to handle very sensitive data, storing it on behalf of its users. A kind of online safe, if you will.
A user's secure data should only be visible to her, ...

So I followed this for setting up client ssl certs using openssl: http://drumcoder.co.uk/blog/2011/oct/19/client-side-certificates-web-apps/
It basically walks through creating a new CA key, and then ...

Is there an implementation of a file-sharing network protocol where the server has no idea what data is being stored, but can serve the encrypted files to clients that will decrypt them on-the-fly (if ...

I'm currently working a project that requires me to store sensitive information (mainly passwords and other information) on a web server via a standard python/flask website. This information is to be ...

So I have minimal knowledge of security really but I'm a primary developer on an application which handles some sensitive data that we want to be secure. The application communicates with one other ...

Does any one have references or sources on how to approach developing a web application in which the content is encrypted and unreadable for the developers or company owners; I'm referring to content ...

I am working on a web project and I want to (as far as possible) handle user data in a way that reduces damage to the users privacy in case of someone compromising our servers/databases.
Of course we ...

If I have got this right in my head it would be a simple enough task to combine arp spoofing on a public WiFi to redirect clients to an evil SSL server which sends malformed heartbeat requests or to ...